Search Results (357 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0681 9 Apple, Gentoo, Hp and 6 more 15 Mac Os X, Mac Os X Server, Linux and 12 more 2026-04-16 N/A
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
CVE-2001-0284 1 Openbsd 1 Openbsd 2026-04-16 N/A
Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.
CVE-2000-0309 1 Openbsd 1 Openbsd 2026-04-16 N/A
The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service.
CVE-1999-0484 1 Openbsd 1 Openbsd 2026-04-16 N/A
Buffer overflow in OpenBSD ping.
CVE-2003-0466 7 Apple, Freebsd, Netbsd and 4 more 10 Mac Os X, Mac Os X Server, Freebsd and 7 more 2026-04-16 9.8 Critical
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVE-2003-0386 2 Openbsd, Redhat 2 Openssh, Enterprise Linux 2026-04-16 N/A
OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address.
CVE-2001-0268 2 Netbsd, Openbsd 2 Netbsd, Openbsd 2026-04-16 N/A
The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.
CVE-2003-0190 4 Openbsd, Openpkg, Redhat and 1 more 8 Openssh, Openpkg, Enterprise Linux and 5 more 2026-04-16 N/A
OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack.
CVE-2003-0144 4 Bsd, Freebsd, Lprold and 1 more 4 Lpr, Freebsd, Lprold and 1 more 2026-04-16 N/A
Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name.
CVE-2001-0247 5 Freebsd, Mit, Netbsd and 2 more 5 Freebsd, Kerberos 5, Netbsd and 2 more 2026-04-16 N/A
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
CVE-2000-0217 2 Openbsd, Ssh 3 Openssh, Ssh, Ssh2 2026-04-16 N/A
The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.
CVE-2003-0078 4 Freebsd, Openbsd, Openssl and 1 more 6 Freebsd, Openbsd, Openssl and 3 more 2026-04-16 N/A
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack."
CVE-2003-0028 11 Cray, Freebsd, Gnu and 8 more 15 Unicos, Freebsd, Glibc and 12 more 2026-04-16 N/A
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
CVE-2001-0144 2 Openbsd, Ssh 2 Openssh, Ssh 2026-04-16 N/A
CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.
CVE-2002-2280 1 Openbsd 1 Openbsd 2026-04-16 N/A
syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server.
CVE-2002-2222 2 Freebsd, Openbsd 2 Ports Collection, Openbsd 2026-04-16 N/A
isakmpd/message.c in isakmpd in FreeBSD before isakmpd-20020403_1, and in OpenBSD 3.1, allows remote attackers to cause a denial of service (crash) by sending Internet Key Exchange (IKE) payloads out of sequence.
CVE-2001-0053 3 David Madore, Netbsd, Openbsd 3 Ftpd-bsd, Netbsd, Openbsd 2026-04-16 N/A
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.
CVE-2000-0143 2 Openbsd, Ssh 2 Openssh, Ssh 2026-04-16 N/A
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
CVE-1999-0483 1 Openbsd 1 Openbsd 2026-04-16 N/A
OpenBSD crash using nlink value in FFS and EXT2FS filesystems.
CVE-1999-0304 4 Bsdi, Freebsd, Netbsd and 1 more 4 Bsd Os, Freebsd, Netbsd and 1 more 2026-04-16 N/A
mmap function in BSD allows local attackers in the kmem group to modify memory through devices.